Government urges businesses to adopt Cyber Essentials
Put baseline cyber security measures in place with the help of Cyber Essentials
A new UK government campaign, launched on 17 February 2026, tells businesses to 'lock the door' on cyber criminals by following Cyber Essentials - a simple scheme to protect against common online threats.
Developed by experts at the National Cyber Security Centre (NCSC) and the Department for Science, Innovation and Technology, Cyber Essentials focuses on five key protections:
- firewalls
- secure configuration
- software updates
- user access control
- malware protection
Cyber Essentials gives businesses simple steps to tackle basic cyber risks and prove to customers and suppliers that they take security seriously. Certified organisations made 92% fewer insurance claims last year, suggesting that the scheme helps to minimise risks and vulnerabilities. Certification can also help companies win government contracts and access free cyber insurance - including a 24/7 helpline - for eligible organisations.
Economic impact and scale of cyber threat in the UK
Cyber threats are estimated to cost UK businesses £14.7 billion a year. The average cost of a significant cyber attack for an individual business in the UK is almost £195,000, according to government research.
Half of all small businesses have experienced at least one cyber breach or attack in the last 12 months. The Cyber Security Longitudinal Survey shows 82% of medium and large businesses suffered a cyber incident in the past year. These findings suggest that no business is out of reach from cyber criminals.
How to get started with Cyber Essentials
Many incidents exploit basic cyber weaknesses, which Cyber Essentials is designed to protect against. To get started, businesses and organisations can:
- use the Cyber Essentials Readiness Tool to identify gaps
- book a free 30-minute chat with an NCSC-approved cyber advisor
- preview the certification questions for free
You can review other Cyber Essentials resources - including the requirements for IT infrastructure - alongside this to help you identify if you are ready for certification.
For more information, see also our Cyber Essentials guidance.
First published 19 February 2026